Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
zulip/templates/zerver/emails
History
Tim Abbott a920544bc3
invite emails: Ensure user-controlled input is always in links. 
Popular email clients like Gmail will automatically linkify link-like
content present in an HTML email they receive, even if it doesn't have
links in it.  This made it possible to include what in Gmail will be a
user-controlled link in invitation emails that Zulip sends, which a
spammer/phisher could try to take advantage of to send really bad spam
(the limitation of having the rest of the invitation email HTML there
makes it hard to do something compelling here).

We close this opportunity by structuring our emails to always show the
user's name inside an existing link, so that Gmail won't do new
linkification, and add a test to help ensure we don't remove this
structure in a future design change.

Co-authored-by: Anders Kaseorg <andersk@mit.edu>
 		2020-05-08 14:02:41 -07:00
..
.gitignore send_custom_email: Use a special .gitignored directory. 2020-04-21 16:50:11 -07:00
confirm_new_email.source.html emails: Set alt attribute to empty for leading images. 2020-01-24 13:32:54 -08:00
confirm_new_email.subject.txt i18n: Rename email subject files so i18n detects them. 2018-12-17 10:00:49 -08:00
confirm_new_email.txt emails: Remove newlines from translated strings in email templates. 2019-02-10 12:28:17 -08:00
confirm_registration.source.html emails: Set alt attribute to empty for leading images. 2020-01-24 13:32:54 -08:00
confirm_registration.subject.txt i18n: Rename email subject files so i18n detects them. 2018-12-17 10:00:49 -08:00
confirm_registration.txt emails: Remove newlines from translated strings in email templates. 2019-02-10 12:28:17 -08:00
custom_email_base.pre.html emails: Set alt attribute to empty for leading images. 2020-01-24 13:32:54 -08:00
digest.source.html i18n: Add translation tags to digest emails. 2020-04-29 17:04:48 -07:00
digest.subject.txt i18n: Add translation tags to digest emails. 2020-04-29 17:04:48 -07:00
digest.txt i18n: Add translation tags to digest emails. 2020-04-29 17:04:48 -07:00
email.css emails: Show proper message when email content is not shown. 2020-01-31 12:29:58 -08:00
email_base_default.source.html emails: Add alt tags to images. 2019-04-24 17:49:56 -07:00
email_base_messages.html emails: Show preheader block only if preheader is present. 2019-08-17 11:32:28 -07:00
find_team.source.html emails: Set alt attribute to empty for leading images. 2020-01-24 13:32:54 -08:00
find_team.subject.txt i18n: Rename email subject files so i18n detects them. 2018-12-17 10:00:49 -08:00
find_team.txt emails: Remove newlines from translated strings in email templates. 2019-02-10 12:28:17 -08:00
followup_day1.source.html templates: Use `<hr>` and `<br>` consistently. 2020-04-28 17:05:48 -07:00
followup_day1.subject.txt emails: Remove newlines from translated strings in email templates. 2019-02-10 12:28:17 -08:00
followup_day1.txt emails: Remove newlines from translated strings in email templates. 2019-02-10 12:28:17 -08:00
followup_day2.source.html templates: Use `<hr>` and `<br>` consistently. 2020-04-28 17:05:48 -07:00
followup_day2.subject.txt emails: Tag followup_day2 email for translation. 2018-12-19 09:21:09 -08:00
followup_day2.txt emails: Tag followup_day2 email for translation. 2018-12-19 09:21:09 -08:00
invitation.source.html invite emails: Ensure user-controlled input is always in links. 2020-05-08 14:02:41 -07:00
invitation.subject.txt i18n: Rename email subject files so i18n detects them. 2018-12-17 10:00:49 -08:00
invitation.txt emails: Remove newlines from translated strings in email templates. 2019-02-10 12:28:17 -08:00
invitation_reminder.source.html invite emails: Ensure user-controlled input is always in links. 2020-05-08 14:02:41 -07:00
invitation_reminder.subject.txt i18n: Rename email subject files so i18n detects them. 2018-12-17 10:00:49 -08:00
invitation_reminder.txt emails: Send invitation reminder email two days before expiry. 2019-08-23 12:53:11 -07:00
missed_message.source.html i18n: Add translation tags to missed-message emails. 2020-04-30 16:11:47 -07:00
missed_message.subject.txt i18n: Add translation tags to missed-message emails. 2020-04-30 16:11:47 -07:00
missed_message.txt i18n: Add translation tags to missed-message emails. 2020-04-30 16:11:47 -07:00
notify_change_in_email.source.html templates: Use `<hr>` and `<br>` consistently. 2020-04-28 17:05:48 -07:00
notify_change_in_email.subject.txt i18n: Rename email subject files so i18n detects them. 2018-12-17 10:00:49 -08:00
notify_change_in_email.txt emails: Remove newlines from translated strings in email templates. 2019-02-10 12:28:17 -08:00
notify_new_login.source.html templates: Use `<hr>` and `<br>` consistently. 2020-04-28 17:05:48 -07:00
notify_new_login.subject.txt emails: Tag notify_new_login email for translation. 2018-12-19 09:21:09 -08:00
notify_new_login.txt emails: Remove newlines from translated strings in email templates. 2019-02-10 12:28:17 -08:00
password_reset.source.html emails: Set alt attribute to empty for leading images. 2020-01-24 13:32:54 -08:00
password_reset.subject.txt emails: Update text for password_reset. 2018-12-20 16:26:19 -08:00
password_reset.txt emails: Remove newlines from translated strings in email templates. 2019-02-10 12:28:17 -08:00
realm_reactivation.source.html emails: Set alt attribute to empty for leading images. 2020-01-24 13:32:54 -08:00
realm_reactivation.subject.txt i18n: Add translation tags to missed-message emails. 2020-04-30 16:11:47 -07:00
realm_reactivation.txt emails: Remove newlines from translated strings in email templates. 2019-02-10 12:28:17 -08:00